From bab84a13ff7d51358734b4b96a475e441af92444 Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sat, 6 Sep 2008 23:46:44 +0000
Subject: [PATCH] Additional PAM cleanup: 	* src/userdel.c,
 src/newusers.c, src/chpasswd.c, src/chfn.c, 	src/groupmems.c,
 src/usermod.c, src/groupdel.c, src/chgpasswd.c, 	src/useradd.c,
 src/groupmod.c, src/groupadd.c, src/chage.c, 	src/chsh.c: If the username
 cannot be determined, report it as 	such (not a PAM authentication
 failure).

---
 ChangeLog       |  3 ++-
 src/chage.c     |  9 ++++++---
 src/chfn.c      |  9 ++++++---
 src/chgpasswd.c |  9 ++++++---
 src/chpasswd.c  |  9 ++++++---
 src/chsh.c      |  9 ++++++---
 src/groupadd.c  |  9 ++++++---
 src/groupdel.c  | 10 ++++++----
 src/groupmems.c | 10 ++++++----
 src/groupmod.c  | 10 ++++++----
 src/newusers.c  |  9 ++++++---
 src/useradd.c   | 10 ++++++----
 src/userdel.c   | 10 ++++++----
 src/usermod.c   | 10 ++++++----
 14 files changed, 80 insertions(+), 46 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f0b77dd3..7a5099f1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -56,7 +56,8 @@
 	src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
 	src/chsh.c: Simplify the PAM error handling. Do not keep the pamh
 	handle, but terminate the PAM transaction as soon as possible if
-	there are no PAM session opened.
+	there are no PAM session opened. If the username cannot be
+	determined, report it as such (not a PAM authentication failure).
 	* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
 	needed to initialize retval to PAM_SUCCESS.
 
diff --git a/src/chage.c b/src/chage.c
index 680b57d9..e7dad8b9 100644
--- a/src/chage.c
+++ b/src/chage.c
@@ -509,11 +509,14 @@ static void check_perms (void)
 #ifdef USE_PAM
 	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 	if (NULL == pampw) {
-		retval = PAM_USER_UNKNOWN;
-	} else {
-		retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (E_NOPERM);
 	}
 
+	retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
+
 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
 	}
diff --git a/src/chfn.c b/src/chfn.c
index 0137a9cf..c73ef8c5 100644
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -377,11 +377,14 @@ static void check_perms (const struct passwd *pw)
 #else				/* !USE_PAM */
 	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 	if (NULL == pampw) {
-		retval = PAM_USER_UNKNOWN;
-	} else {
-		retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (E_NOPERM);
 	}
 
+	retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
+
 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
 	}
diff --git a/src/chgpasswd.c b/src/chgpasswd.c
index 011c009f..d1ffe392 100644
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@@ -256,11 +256,14 @@ static void check_perms (void)
 
 	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 	if (NULL == pampw) {
-		retval = PAM_USER_UNKNOWN;
-	} else {
-		retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (1);
 	}
 
+	retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
+
 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
 	}
diff --git a/src/chpasswd.c b/src/chpasswd.c
index 014a25ae..9a626755 100644
--- a/src/chpasswd.c
+++ b/src/chpasswd.c
@@ -250,11 +250,14 @@ static void check_perms (void)
 
 	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 	if (NULL == pampw) {
-		retval = PAM_USER_UNKNOWN;
-	} else {
-		retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (1);
 	}
 
+	retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+
 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
 	}
diff --git a/src/chsh.c b/src/chsh.c
index 269b7a15..a33be57b 100644
--- a/src/chsh.c
+++ b/src/chsh.c
@@ -306,11 +306,14 @@ static void check_perms (const struct passwd *pw)
 #else				/* !USE_PAM */
 	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 	if (NULL == pampw) {
-		retval = PAM_USER_UNKNOWN;
-	} else {
-		retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (E_NOPERM);
 	}
 
+	retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
+
 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
 	}
diff --git a/src/groupadd.c b/src/groupadd.c
index c7c7c28c..6cc07a49 100644
--- a/src/groupadd.c
+++ b/src/groupadd.c
@@ -575,11 +575,14 @@ static void check_perms (void)
 
 	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 	if (NULL == pampw) {
-		retval = PAM_USER_UNKNOWN;
-	} else {
-		retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (1);
 	}
 
+	retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
+
 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
 	}
diff --git a/src/groupdel.c b/src/groupdel.c
index c1245e1a..1968b953 100644
--- a/src/groupdel.c
+++ b/src/groupdel.c
@@ -346,11 +346,13 @@ int main (int argc, char **argv)
 		struct passwd *pampw;
 		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 		if (pampw == NULL) {
-			retval = PAM_USER_UNKNOWN;
-		} else {
-			retval = pam_start ("groupdel", pampw->pw_name,
-					    &conv, &pamh);
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			exit (1);
 		}
+
+		retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
 	}
 
 	if (PAM_SUCCESS == retval) {
diff --git a/src/groupmems.c b/src/groupmems.c
index bdad3ac8..8c1ff669 100644
--- a/src/groupmems.c
+++ b/src/groupmems.c
@@ -445,12 +445,14 @@ static void check_perms (void)
 
 		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 		if (NULL == pampw) {
-			retval = PAM_USER_UNKNOWN;
-		} else {
-			retval = pam_start ("groupmems", pampw->pw_name,
-					    &conv, &pamh);
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			fail_exit (1);
 		}
 
+		retval = pam_start ("groupmems", pampw->pw_name, &conv, &pamh);
+
 		if (PAM_SUCCESS == retval) {
 			retval = pam_authenticate (pamh, 0);
 		}
diff --git a/src/groupmod.c b/src/groupmod.c
index 13362b15..d4a277cc 100644
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -711,11 +711,13 @@ int main (int argc, char **argv)
 		struct passwd *pampw;
 		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 		if (NULL == pamh) {
-			retval = PAM_USER_UNKNOWN;
-		} else {
-			retval = pam_start ("groupmod", pampw->pw_name,
-					    &conv, &pamh);
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			fail_exit (1);
 		}
+
+		retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
 	}
 
 	if (PAM_SUCCESS == retval) {
diff --git a/src/newusers.c b/src/newusers.c
index 1eefb7e2..209a4b4e 100644
--- a/src/newusers.c
+++ b/src/newusers.c
@@ -571,11 +571,14 @@ static void check_perms (void)
 
 	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 	if (NULL == pampw) {
-		retval = PAM_USER_UNKNOWN;
-	} else {
-		retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh);
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		fail_exit (1);
 	}
 
+	retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh);
+
 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
 	}
diff --git a/src/useradd.c b/src/useradd.c
index dba04f0c..af234d87 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -1795,11 +1795,13 @@ int main (int argc, char **argv)
 		struct passwd *pampw;
 		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 		if (pampw == NULL) {
-			retval = PAM_USER_UNKNOWN;
-		} else {
-			retval = pam_start ("useradd", pampw->pw_name,
-					    &conv, &pamh);
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			fail_exit (1);
 		}
+
+		retval = pam_start ("useradd", pampw->pw_name, &conv, &pamh);
 	}
 
 	if (PAM_SUCCESS == retval) {
diff --git a/src/userdel.c b/src/userdel.c
index 6559785b..b59d58a6 100644
--- a/src/userdel.c
+++ b/src/userdel.c
@@ -840,11 +840,13 @@ int main (int argc, char **argv)
 		struct passwd *pampw;
 		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 		if (pampw == NULL) {
-			retval = PAM_USER_UNKNOWN;
-		} else {
-			retval = pam_start ("userdel", pampw->pw_name,
-					    &conv, &pamh);
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			exit (E_PW_UPDATE);
 		}
+
+		retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
 	}
 
 	if (PAM_SUCCESS == retval) {
diff --git a/src/usermod.c b/src/usermod.c
index 709e2984..d5bb3ba4 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -1661,11 +1661,13 @@ int main (int argc, char **argv)
 		struct passwd *pampw;
 		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
 		if (pampw == NULL) {
-			retval = PAM_USER_UNKNOWN;
-		} else {
-			retval = pam_start ("usermod", pampw->pw_name,
-					    &conv, &pamh);
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			exit (1);
 		}
+
+		retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
 	}
 
 	if (PAM_SUCCESS == retval) {